Infographic by CISA on layering Network Security through Segmentation

CISA has published an infographic to emphasize the importance of implementing network segmentation to help prevent the lateral spread of a cyber attack.

Network Segmentation, whether physical or virtual, is an architectural approach that divides a network into multiple subnets that are specialized for specific business purposes and isolated between each other.

This will ensure that only systems, that are involved in the same business process, will be allowed to do communicate with each other.

In case of a compromised system, the malware will try to spread laterally to infect additional systems. If proper segmentation has been implemented, this will be prevented.

Microsegmentation facilitates this process, as it is software-based and can simplify the progressive implementation of Network Segmentation, both on traditional on-prem environments and Cloud or Hybrid-Cloud architectures.

The US CISA article
The Network Segmentation Infographic